Skip to Content
author's profile photo Former Member
0
Former Member

RAR false negatives

Posted on Apr 29, 2011 at 05:24 PM 55 Views

I have 2 instances of GRC RAR (sp13) pointed to the same backend systems, and functions/risks identical (imported from same source). The issue is that on one of the instances, critical risks (for a user) are found and on the other they are not, and the user does have the risk. Any ideas?

Add a comment
10|10000 characters needed characters exceeded

Assigned Tags

Related questions

7 Answers

  • author's profile photo Former Member
    Former Member
    Posted on Apr 29, 2011 at 09:11 PM
    0

    Check if the critical actions are maintinaed in the otehr system, also check the report type parameters.

    Regards,

    Chinmaya

    Add a comment
    10|10000 characters needed characters exceeded

  • author's profile photo Former Member
    Former Member
    Posted on Apr 29, 2011 at 09:31 PM
    0

    of course the risks are maintained...I think you probably meant enabled, and yes they are. Like I said, when you look at the risk or rule or function, they are identical....but one instance works and one does not.

    Add a comment
    10|10000 characters needed characters exceeded

  • author's profile photo Former Member
    Former Member
    Posted on Apr 29, 2011 at 09:32 PM
    0

    I forgot, the report parameters are identical as well.

    Add a comment
    10|10000 characters needed characters exceeded

    • Former Member
      May 02, 2011 at 09:51 AM

      Hi Jack,

      What is the user type? Sometimes it happens that RAR-- configuration - Risk analysis --default value --> we ignore Service users or other types, in that case risk will not appear.

      Check it in both GRC Servers.

      Regards,

      Sabita

  • author's profile photo Former Member
    Former Member
    Posted on May 02, 2011 at 12:20 PM
    0

    As I stated, ALL report parameters are identical and are set to ignore nothing, all user types, no critical roles/profiles defined, etc.

    Add a comment
    10|10000 characters needed characters exceeded

  • author's profile photo Former Member
    Former Member
    Posted on May 03, 2011 at 12:41 PM
    0

    at this point the only thing I checked was critical actions and critical permissions and they both show false negatives. I suspect that SOD checks will also have issues. It doesn't happen every time on every risk, but is repeatable. In other words, a particular risk will show false negatives and will always show false negatives, while one that doesn't won't ever show a false negative.

    Add a comment
    10|10000 characters needed characters exceeded

    • Former Member
      May 04, 2011 at 08:26 AM

      Try to download the rules from the GRC instance where it is coming correct and upload to another Instance where it is showing problem. Regenerate rules and check if the issue still persists. So far it seems there is some issue in rules itself.

      Are you using logical system?

      Regards,

      Sabita

  • author's profile photo Former Member
    Former Member
    Posted on May 04, 2011 at 12:51 PM
    0

    I have done as you suggested twice.....when you compare the rules on screen, they appear identical. And yes, I am using logical systems on both instances, when I bring over the functions, risks, rules, etc. I am also bringing over the connectors and logical systems.

    Add a comment
    10|10000 characters needed characters exceeded

  • author's profile photo Former Member
    Former Member
    Posted on May 04, 2011 at 12:53 PM
    0

    And to answer before someone suggests it, I also deleted both the function(s) and the risk, regened the rules and then created (by hand) the function(s) and risks and updated the rules....no difference.

    Add a comment
    10|10000 characters needed characters exceeded

Before answering

You should only submit an answer when you are proposing a solution to the poster's problem. If you want the poster to clarify the question or provide more information, please leave a comment instead, requesting additional details. When answering, please include specifics, such as step-by-step instructions, context for the solution, and links to useful resources. Also, please make sure that you answer complies with our Rules of Engagement.
You must be Logged in to submit an answer.

Up to 10 attachments (including images) can be used with a maximum of 1.0 MB each and 10.5 MB total.